Parent

Class/Module Index [+]

Quicksearch

Rex::Parser::NetSparkerXMLStreamParser

Attributes

on_found_vuln[RW]

Public Class Methods

new(on_found_vuln = nil) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 9
def initialize(on_found_vuln = nil)
        self.on_found_vuln = on_found_vuln if on_found_vuln
        reset_state
end

Public Instance Methods

attlist() click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 88
def attlist; end
cdata() click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 85
def cdata; end
comment(str) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 86
def comment(str); end
instruction(name, instruction) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 87
def instruction(name, instruction); end
reset_state() click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 14
def reset_state
        @state = :generic_state
        @vuln  = {'info' => []}
        @attr  = {}
end
tag_end(name) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 72
def tag_end(name)
        case name
        when "vulnerability"
                @vuln.keys.each do |k|
                        @vuln[k] = @vuln[k].strip if @vuln[k].kind_of?(::String)
                end
                on_found_vuln.call(@vuln) if on_found_vuln
                reset_state
        end
end
tag_start(name, attributes) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 20
def tag_start(name, attributes)
        @state = "in_#{name.downcase}".intern
        @attr  = attributes

        case name
        when "vulnerability"
                @vuln['confirmed'] = attributes['confirmed']
        end
end
text(str) click to toggle source
# File lib/rex/parser/netsparker_xml.rb, line 30
def text(str)
        case @state
        when :in_url
                @vuln['url'] ||= ""
                @vuln['url']  += str
        when :in_type
                @vuln['type'] ||= ""
                @vuln['type']  += str
        when :in_severity
                @vuln['severity'] ||= ""
                @vuln['severity']  += str
        when :in_vulnerableparametertype
                @vuln["vparam_type"] ||= ""
                @vuln["vparam_type"]  += str
        when :in_vulnerableparameter
                @vuln["vparam_name"] ||= ""
                @vuln["vparam_name"]  += str
        when :in_vulnerableparametervalue
                @vuln["vparam_value"] ||= ""
                @vuln["vparam_value"]  += str
        when :in_rawrequest
                @vuln["request"] ||= ""
                @vuln["request"]  += str
        when :in_rawresponse
                @vuln["response"] ||= ""
                @vuln["response"]  += str
        when :in_info
                # <info name="Identified Internal Path(s)">C:\AppServ\www\test-apps\dokeos\main\inc\banner.inc.php</info>
                if not str.to_s.strip.empty?
                        @vuln['info'] << [@attr['name'] || "Information", str]
                end
        when :in_netsparker
        when :in_target
        when :in_scantime
        when :generic_state
        when :in_vulnerability
        when :in_extrainformation
        else
                # $stderr.puts "unknown state: #{@state}"
        end
end
xmldecl(version, encoding, standalone) click to toggle source

We don't need these methods, but they're necessary to keep REXML happy

# File lib/rex/parser/netsparker_xml.rb, line 84
def xmldecl(version, encoding, standalone); end

[Validate]

Generated with the Darkfish Rdoc Generator 2.